Lending protocol Euler Finance was hit by a flash-loan attack, resulting in a loss of $197 million, according to security firms BlockSec and PeckShield.
The attack occurred at 4:50 am ET, allowing the perpetrator to borrow large amounts of funds and drain them from the protocol. They drained $136 million of staked ether (stETH), $34 million of USDC, $19 million of wrapped bitcoin (WBTC) and $8.7 million of DAI, BlockSec noted in a document.
Euler Labs, the developer of the protocol, said it was working with security professionals and law enforcement and will release more information later.
Flash loans are a popular tool for attackers looking to exploit vulnerabilities in DeFi protocols, as they allow borrowers to access large amounts of funds without providing collateral. However, they come with a high level of risk since the borrower must repay the loan within a short time frame.
Euler is a non-custodial protocol that allows users to lend and borrow crypto assets and is run by a decentralized autonomous organization (DAO). It raised a $32 million fundraising round led by Haun Ventures in June 2022.
The attack caused the price of the Euler (EUL) token to drop more than 45% — coming down to $3.30 from $6.10.
© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.